Описание
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32518. Affected Products: Data Center Expert (Versions prior to V7.9.0)
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
8 High
CVSS3
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32518. Affected Products: Data Center Expert (Versions prior to V7.9.0)
Уязвимость программного средства мониторинга информации об оборудовании Schneider Electric Data Center Expert, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю получить полный контроль над программным средством
EPSS
8 High
CVSS3
9.8 Critical
CVSS3